Yunxi Zhang
An investigation of interoperability issues between authorisation systems within web services
Zhang, Yunxi
Abstract
The existing authorisation systems within the context of Web Services mainly apply two access control approaches – Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC). The RBAC approach links an authenticated Web Service Requester to its specific access control permission through roles, but RBAC is not flexible enough to cater for some cases where extra attribute information is needed in addition to the identity. By contrast, the ABAC approach has more flexibility, as it allows a Web Service Requester to submit necessary credentials containing extra attribute information that can fulfil the policies declared by a Web Service Provider, which aims to protect the sensitive resources/services.
RBAC and ABAC can only help to establish a unilateral trust relationship between two Web Services to enable a Web Service Provider to make an access control decision. Unfortunately, the nature of Web Services presents a high probability that two Web Services may not know each other. Therefore, successful authorisation may fail, if the Web Service Requester does not trust the Web Service Provider.
Trust Negotiation (TN) is also an access control approach, which can provide a bilateral trust relationship between two unknown entities, so it sometimes can enable authorisation success in situations where success is not possible through RBAC or ABAC approaches. However, interoperability issues will arise between authorisation systems within Web Services, where a bilateral trust-based authorisation solution is applied. In addition, a lack of a unified approach that can address the interoperability issues remains as a research problem. This research aims to explore possible factors causing the lack of interoperability first, and then to explore an approach that can address the interoperability issues. The main contributions of this research are an improved interoperability model illustrating interoperability issues at different layers of abstraction, and a novel interoperability-solution design along with an improved TN protocol as an example of utilising this design to provide interoperability between authorisation systems within Web Services.
Citation
Zhang, Y. (2014). An investigation of interoperability issues between authorisation systems within web services. (Thesis). University of Hull. Retrieved from https://hull-repository.worktribe.com/output/4216863
| Thesis Type | Thesis |
|---|---|
| Deposit Date | Jul 31, 2015 |
| Publicly Available Date | Feb 23, 2023 |
| Keywords | Arts and new media |
| Public URL | https://hull-repository.worktribe.com/output/4216863 |
| Additional Information | School of Arts and New Media, The University of Hull |
| Award Date | Sep 1, 2014 |
Files
Thesis
(3.6 Mb)
PDF
Copyright Statement
© 2014 Zhang, Yunxi. All rights reserved. No part of this publication may be reproduced without the written permission of the copyright holder.
You might also like
Re-thinking technology and its growing role in enabling patient empowerment
(2018)
Journal Article
Downloadable Citations
About Repository@Hull
Administrator e-mail: repository@hull.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search